Claims 



1. (Currently Amended) A processor-executable method for outputting a 
transformed Web site privacy policy onto a display device, comprising: 

receiving one or more user concerns, the one or more user concerns generated 
from a user concerns interface displayed on a client computer, the user concerns 
interface having a list of selectable user concerns; 

comparing , via a processor, the one or more user concerns with a Web site 
privacy policy; 

identifying specific portions of the Web site privacy policy that conflict with the 
user concerns; m4 

transferring the identified specific portions of the Web site privacy policy to a 
conflict bucket; and 

outputting the enttfe-Web site privacy policy onto the display device , wherein the 
identified specific portions are outputted from the conflict bucket and the identified 
specific portions such that th e id e nt i f ie d sp e c i f i c port i ons of th e W e b s i t e pr i vacy po li cy 



Web site privacy policy , the conflict bucket containing only the specific portions of the 
Web site privacy policy that conflict with the user concerns that do not conf li ct w i th tho 
usor concerns . 

2. (Currently Amended) The processor-executable method as recited in claim 
1 , further comprising collecting user concerns from a user. 

3. (Currently Amended) The processor-executable method as recited in claim 
1_[[2]], wherein the identifying specific portions of the Web site privacy policy that conflict 
with the user concerns further compris es display ing an icon to the display 
device co ll oct i ng tho usor concorns from a usor v i a a concorns sett i ngs usor i nterface . 




-appear before non-conflicting t ne-portions of the 
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4. (Currently Amended) The processor-executable method as recited in claim 
1, wherein: 

the Web site privacy policy includes one or more policy statements; and 
the comparing further comprises comparing each privacy policy statement with 
each user concern. 

5. (Currently Amended) The processor-executable method as recited in claim 
1, wherein the privacy policy further comprises a policy file that conforms to P3P 
(Platform for Privacy Preferences Project) standards. 

6. (Currently Amended) The processor-executable method as recited in claim 
1 , wherein the privacy policy is contained in an XML (extensible Markup Language) file. 

7. (Currently Amended) The processor-executable method as recited in claim 
1 , wherein outputting the Web site privacy policy includes outputting the ro ordered Web 
site privacy policy in an XSL (extensible Stylesheet Language) transformation. 

8. (Currently Amended) The processor-executable method as recited in claim 
1, further comprising notifying the user that a conflict exists between the user concerns 
and the Web site privacy policy file. 

9. (Currently Amended) The processor-executable method as recited in claim 
1 , wherein the outputting is performed in response to a user request to display the fe- 
ordorod Web site privacy policy. 

10. (Currently Amended) The processor-executable method as recited in claim 
1 , further comprising receiving a user request to initiate a policy analysis. 

11. (Currently Amended) A Web site privacy policy evaluation and 
transformation system, comprising: 

one or more processors; and 
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memory having instructions executable by the one or more processors, the 
memory including: 

a user concerns menu to allow a user to enter privacy concern 
preferences to be used in evaluating a Web site privacy policy file; 

a Web browser to allow the user to access one or more network Web sites 
based on the evaluation of the privacy policy file; 

a trust engine for evaluating the privacy policy file, the trust engine 
enabled to: 



brows i ng th e W e b sit e s that do not conta i n th e W e b s i t e pr i vacy 

query the user as to whether the user wishes to continue 
browsing the network Web site when the network Web site does 
not contain the privacy policy file, 

evaluate the privacy policy file when the network Web site 
does contain the privacy policy file by comparing the user concerns 
with the privacy policy file included in a Web site, and 

identify specific portions of the privacy policy file that conflict 
with the user concerns when the network Web site does contain the 
privacy policy file ; 



a transformation module to transform the privacy policy file into a user- 
centric policy display that emphasizes the specific portions of the privacy policy 
file that conflict with the user concerns; and 

a user interface module to cause the display of the transformed privacy 
policy file. 

12. (Previously Presented) The system as recited in claim 11, wherein the trust 
engine further compares each user concern with each of multiple statements making up 
the privacy policy file. 



notify the user when the network Web site does not contain 
the privacy policy file r e qu e st an us e r i nput pr i or to cont i nu e 



Serial No.: 10/693,333 

Atty Docket No.: MS1-1755US 

Agent: Elizabeth J. Zehr 



-4- 




www.leehayes.com e 509.324.9256 



13. (Previously Presented) The system as recited in claim 1 1 , wherein the Web 
browser further provides a conflict notification when there is a conflict between a user 
concern and the privacy policy file. 



14. (Canceled). 

15. (Previously Presented) The system as recited in claim 1 1 , wherein the user 
interface module displays the portions of the privacy policy file that conflict with the user 
concerns more prominently than the portions of the privacy policy file that do not conflict 
with the user concerns. 

16. (Currently Amended) One or more computer-readable media including 
computer-executable instructions that, when executed on a computer, perform a 
method of: 

receiving a set of user concerns selected from a list of possible user concerns: 
comparing the[[a]] set of user concerns with a set of Web site privacy policy 

statements to determine if a privacy policy statement conflicts with a user concern; 

identifying specific portions of the privacy policy statement that conflict with the 

user concern; 

adding metadata to the privacy policy statements' internal representation of the 
conflicting statements; 

re-ordering the privacy policy statements so that the specific portions of the 
privacy policy statement that conflict with the user concern appear before the portions of 
the privacy policy statement that do not conflict with the user concern; and 

causing the display of the re-ordered privacy policy statements on a display 
device. 

17. (Original) The one or more computer-readable media as recited in claim 16, 
further comprising collecting the set of user concerns from a user. 
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18. (Previously Presented) The one or more computer-readable media as 
recited in claim 16, further comprising receiving a prompt from a user before executing 
the comparing, identifying, re-ordering, and the causing the display of. 

19. (Previously Presented) The one or more computer-readable media as 
recited in claim 16, further comprising providing a conflict notification to a user to inform 
the user that specific portions of the privacy policy statement that conflict with the user 
concern have been identified. 

20. (Previously Presented) The one or more computer-readable media as 
recited in claim 16, further comprising providing a conflict notification to a user to inform 
the user that specific portions of the privacy policy statement that conflict with the user 
concern have been identified, and only performing the causing the display of upon 
detection of a user response to the conflict notification. 

21. (Canceled). 
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